FBI / CIA Emails

Status
Please reply by conversation.
Scott Greczkowski

Scott Greczkowski

Thread Starter
Welcome HOME to SatelliteGuys!
Staff member
HERE TO HELP YOU!
Sep 7, 2003
100,784
20,485
Newington, CT
I have been getting a lot of emails and PM's from users telling me that they have been getting a lot of emails from the FBI and CIA today.

The emails read like this...
Dear Sir/Madam,

we have logged your IP-address on more than 30 illegal Websites.

Important:
Please answer our questions!
The list of questions are attached.

Yours faithfully,
Steven Allison


*** Federal Bureau of Investigation -FBI-
*** 935 Pennsylvania Avenue, NW, Room 3220
*** Washington, DC 20535
*** phone: (202) 324-3000

DO NOT OPEN THE ATTACHMENT ITS A VIRUS!!

You can read more about this virus below.
http://news.com.com/FBI+warns+surfers+of+scam+e-mails/2110-7348_3-5965810.html?tag=nefd.hed
 
Stargazer

Stargazer

Supporting Founder
Supporting Founder
Sep 7, 2003
16,565
340
Western WV
If the FBI was suspicious about you doing something they would not contact you by email asking for such information. They would probably send you a letter instead.
 
L

LonghornXP

Supporting Founder
Supporting Founder
Stargazer said:
If the FBI was suspicious about you doing something they would not contact you by email asking for such information. They would probably send you a letter instead.

You would be signing for it as well.
 
voomvoom

voomvoom

SatelliteGuys Master
Lifetime Supporter
May 18, 2004
6,660
29
Lizella, Georgia Republic
Too late Scott. I opened it out of curiosity around 7:30 or 8:00 last night. Curious as to what kind of questions the FBI had for me. If I had been to an illegal site, how would I know that? I knew I had messed up when I clicked on the attachment. It didn't go to any questions, it was obviously loading something into my computer. I tried to delete it, it would not close. I tried to cut off the computer, it would not close. I unplugged my DSL, still would not stop. I unplugged the computer. I guess that may have stopped it, temporarily.
I noticed around 10:00 last night, that I had received 27 spams in my spambox in about 2-3 hours. I normally get around 5-7 over a 24 hour period in time. 3/4ths of which were failed mail attempts from various webmasters. This morning there were 44 spams in my spambox. Same type of failed mail attempts.
Would anyone happen to know how to get this crap out of my computer. Any help wpuld be much appreciated. Thanks....

Al
 
Scott Greczkowski

Scott Greczkowski

Thread Starter
Welcome HOME to SatelliteGuys!
Staff member
HERE TO HELP YOU!
Sep 7, 2003
100,784
20,485
Newington, CT
I woke up this morning to over 200 of them, I got the CIA and FBI ones plus some ones about Paris Hilton, others called Registration Confirmation and Hi_ive_a_new_mail_address.

All virus's.

Be carefull!
 
Purogamer

Purogamer

SatelliteGuys Pro
Supporting Founder
Jul 19, 2005
2,365
0
Mentor, Ohio
It's almost 2006 and people still open attachments they don't recognize, amazing...
 
Ilya

Ilya

XXI Century Explorer
Staff member
HERE TO HELP YOU!
Lifetime Supporter
Feb 16, 2004
24,579
10,316
NE OH
The worm is called W32.Sober.X@mm [Symantec]
Also known as: CME-681, WORM_SOBER.AG [Trend Micro], W32/Sober-{X, Z} [Sophos], Win32.Sober.W [Computer Associates], Sober.Y [F-Secure], W32/Sober@MM!M681 [McAfee]

It basically sends itself (as an attachment) to all email addresses it can find on your computer using the following subjects:

Your Password
Registration Confirmation
smtp mail failed
Mail delivery failed
hi, ive a new mail address
You visit illegal websites
Your IP was logged
Paris Hilton & Nicole Richie

Ihr Passwort
Account Information
SMTP Mail gescheitert
Mailzustellung wurde unterbrochen
Ermittlungsverfahren wurde eingeleitet
Sie besitzen Raubkopien
RTL: Wer wird Millionaer
Sehr geehrter Ebay-Kunde

Read here for details:
http://www.symantec.com/avcenter/venc/data/w32.sober.x@mm.html
 
S

Sean Mota

SatelliteGuys Master
Supporting Founder
Sep 8, 2003
19,039
1,738
New York City
Damn that means that someone who has my email address was already infected...
 
RandallA

RandallA

Supporting Founder
Supporting Founder
Dec 13, 2004
10,556
68
San Francisco Bay Area
"Would anyone happen to know how to get this crap out of my computer"

Do you have an Antivirus program? Then just run a full scan in safe mode and see if it can remove it for you.
Ilya posted the details of the threat in the above post. You should read that link.
 
Neutron

Neutron

Founding Supporter
Supporting Founder
Nov 7, 2003
18,730
1,122
Texas
avast! is a nice antivirus program, and if it's for home use it's FREE!
 
joedekock

joedekock

SatelliteGuys Pro
Jan 12, 2005
1,136
0
West Michigan
Stargazer said:
If the FBI was suspicious about you doing something they would not contact you by email asking for such information. They would probably send you a letter instead.

Or show up at your work!
 
Neutron

Neutron

Founding Supporter
Supporting Founder
Nov 7, 2003
18,730
1,122
Texas
Starting to hit us at work now.
 
Stargazer

Stargazer

Supporting Founder
Supporting Founder
Sep 7, 2003
16,565
340
Western WV
I dont open up any email from anyone/service that I do not know. I do not open attachments if I am not expecting any.
 
thiggin2

thiggin2

Supporting Founder
Supporting Founder
Mar 28, 2004
1,632
5
TampaBay Florida
RandallA said:
"Would anyone happen to know how to get this crap out of my computer"

Do you have an Antivirus program? Then just run a full scan in safe mode and see if it can remove it for you.
Ilya posted the details of the threat in the above post. You should read that link.
It wiped out my Norton program (2005 and up to date), wouldn't even run, it also took out my Microsoft Antispam program.
I had to reformat, I think that is the easiest thing to do to get rid of it(atleast for me)
 
Foxbat

Foxbat

Addicted to new HW
Supporting Founder
Lifetime Supporter
Nov 25, 2003
17,435
9,990
Michiana
The e-mail admins at work were also talking about .zip attachment coming in, but with different Subject: lines than those outlined above. Fortunately, our e-mail front end strips out infected attachments and archives, so it didn't turn ugly for us at work. Still, people were getting annoyed with the (mostly) empty e-mails.

If your local AV program gets clobbered, there are also on-line sites that may be reachable (as long as your hosts file is intact) so you can perform an on-line AV scan of your PC. http://www.symantec.com/avcenter/global/index.html is one of them.
 
thiggin2

thiggin2

Supporting Founder
Supporting Founder
Mar 28, 2004
1,632
5
TampaBay Florida
I thought about do the online AV scan but it (the virus) was constantly sending email out using my mail server and the only way to stop it at that point was to shut down my network.
 
Status
Please reply by conversation.

Similar threads

S
  • Locked
Replies
0
Views
1K
Sky King
S
B
Replies
16
Views
2K
bpickell
B
hdtvtechno
Replies
8
Views
1K
hdtvtechno
hdtvtechno
hdtvtechno
Replies
3
Views
1K
Pepper
Pepper
whitewolf8214
Replies
7
Views
676
Bobby
Bobby

Users Who Are Viewing This Thread (Total: 0, Members: 0, Guests: 0)

Top